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REMARKS 

1 . Applicant thanks the Office for its remarks and observations which have 
greatly assisted Applicant in responding. 

2 35 U.S.C. § 103 

Claims 1 and 38 are rejected as being unpatentable over U.S. patent no. 
6,510,236 ("Crane") in view of U.S patent application pub. no. 2004/0139352 
("Shewchuck"). Applicant respectfully disagrees and incorporates its previous 
remarks regarding Claims 1-94 herein by this reference thereto. 

Claims 30 - 31 and 67-68 are rejected as being unpatentable over 
Crane/Shewchuck and further in view of U.S. patent application pub. no. 
2002/0032793 ("Malan"). Applicant respectfully disagrees. The Office relies on 
Malan, 0069 as teaching or suggesting the subject matter of Claims 31 and 67. 
Applicant respectfully disagrees. While 0069 does describe applying rate- 
limiting to malicious hosts, the rate limiting is applied to filter sets of Internet 
hosts that have been found to be malicious. While it is unclear how Malan's 
conventional IP-based rate limiting approach can be used to apply rate-limiting to 
a single client, Malan also suggests that countermeasures can be applied to 
single clients. However, Applicant has thoroughly discussed the disadvantages 
of conventional IP-based rate limiting strategies in the Application, at least at ffll 
4-21 and 49-54 of U.S. patent application pub. no. 2005/0108551. 

As Applicant points out in the cited paragraphs, conventional IP-based 
rate limiting is an exceptionally coarse tool for differentiating friendly traffic from 
unfriendly traffic. Because IP-based rate limiting, as taught by Malan in If 0069, 
filters sets of hosts , it must deny service to a great deal of friendly traffic in order 
to protect a service from malicious traffic. Additionally, such measures are 
usually effective for only a short while before a cracker is able to circumvent them. 
Also, because of the transitory nature of many IP addresses, IP address-based 
countermeasures for a particular IP address are only good for as long as the 
IP/user binding persists. 
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Applicant's remedy for the deficiencies of conventional IP-based rate 
limiting is a method for ap plication of tru st-based , fine grained rate limiting, 
wherein trust is extended to unique client-user pairs . Trust is established by 
issuing a trust token to a unique client-user ID pair . 

Accordingly, unlike the conventional strategies described in the 
combination, rate-limiting can be applied to single user-machine pairs . There is 
no teaching or suggestion, in Malan, or in the combination that rate-limiting be 
applied to unique client-user pairs. 

The Office relies on Malan, U 0075 as teaching or suggesting the subject 
matter of Claims 31 and 68 - "wherein untrusted logins include successful and 
unsuccessful logins from entities not bearing a trust token." Applicant 
respectfully disagrees. There is no teaching or suggestion in Malan of a "trust 
token" as described in Claim 1. What is described by Malan at U 0075 are 
profiles, maintained at a server, against which a client's request distribution is 
compared. Accordingly, there is no teaching or suggestion in Claims 31 and 68 
of "wherein untrusted logins include successful and unsuccessful logins from 
entities not bearing a trust token." 

Even though it is Applicant's position that the rejection of Claims 1 and 38 
is improper, in recognition of the Office policy of compact prosecution, Applicant 
amends Claims 1 and 38 to include the subject matter of Claims 30-31 and 67- 
68, respectively. As above, there is no teaching or suggestion in the combination 
of a method of fine-grained, trust based rate-limiting " wherein processing 
remaining requests according to at least a second policy comprises adding a 
specified amount of incremental response latency when processing untrusted 
logins, and wherein untrusted logins comprise successful and unsuccessful 
logins from entities determined to lack a trust token ." 

Therefore, even if the present rejection were not improper, it would be 
overcome by the present amendment. Claims 1 and 38 are therefore deemed 
allowable over the combination. In view of their dependence from allowable 
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parent Claims, the dependent Claims are deemed allowable without any 
separate consideration of their merits. 

Claims 27 and 64 are rejected as being unpatentable over the 
combination Crane/Shewchuck, even though the Office finds that the 
combination does not disclose the subject matter of Claims 17 and 64. The 
present rejection is would therefore be improper, even if the rejection of Claims 1 
and 38 were not improper. 

Claims 9 and 46 are rejected as being unpatentable over 
Crane/Shewchuck in view of U.S. patent application pub. no. 2004/0139352 
("Morkel"). In view of the foregoing, the present rejection is deemed 
improper/overcome. 

Claims 10, 29, 37, 47, 66 and 74 are rejected as being unpatentable over 
Crane/Shewchuck in view of U.S. patent application pub. no. 2004/0139352 
("Morkel") and further in view of U.S. patent application pub. no. 2004/0139352 
("Pallante"). In view of the foregoing, the present rejection is deemed 
improper/overcome. 

Claims 16, 19-20, 24, 53, 56-57 and 61 are rejected as being 
unpatentable over Crane/Shewchuck and further in view of U.S. patent 
application pub. no. 2003/0177388 ("Botz"). In view of the foregoing, the present 
rejection is deemed improper/overcome. 

Claims 34 and 71 are rejected as being unpatentable over 
Crane/Shewchuck and further in view of U.S. patent application pub. no. 
2002/0139352 ("Card"). In view of the foregoing, the present rejection is deemed 
improper/overcome. 

Claims 75-84, 89-91 and 93-94 are rejected as being unpatentable over 
U.S. patent no. 5,944,794 ("Okamoto") and further in view of U.S. patent 
application pub. no. 2002/0032793 ("Malan"). Claims 75-94 are cancelled from 
the Application, rendering the present rejection moot. 

Claims 85-86 are rejected as being unpatentable over U.S. patent no. 
5,944,794 ("Okamoto") and further in view of Malan; and further in view of Botz. 
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The above cancellation of Claims 85-86 from the Application renders the present 
rejection moot. 

Claim 92 is rejected as being unpatentable over U.S. patent no. 5,944,794 
("Okamoto") and further in view of U.S. patent application pub. no. 2002/0032793 
("Malan") and further in view of Card. The above cancellation of Claim 92 from 
the Application renders the present rejection moot. 

4. For the record, Applicant respectfully traverses any and all factual 
assertions in the file that are not supported by documentary evidence. Such 
include assertions based on findings of inherency, assertions based on official 
notice, and any other assertions of what is well known or commonly known in the 
prior art. 

5. No new matter is added by way of the above amendments. The foregoing 
amendments are made in the interest of advancing prosecution of the Application. 
They do not signify agreement with the Examiner's position. Nor do they reflect 
intent to sacrifice claim scope. Applicant expressly reserves the right to pursue 
protection of a scope it reasonably believes it is entitled to in one or more 
continuing submissions to the USPTO. 



In view of the foregoing, the Application is deemed to be in allowable 
condition. Therefore, Applicant respectfully requests reconsideration and prompt 
allowance of the claims. Should the Examiner have any questions regarding the 
Application, he is urged to contact Applicant's Attorney at 650-474-8400. 



CONCLUSION 



Respectfully submitted, 




Michael A. Glenn 



Reg. No. 30,176 



Customer No. 22862 
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